Linux Distro: Tails - You Can Never Be Too Paranoid

Tails is a live media Linux distro designed boot into a highly secure desktop environment. You may remember that we looked at a US government distro with similar aims a few months ago, but Tails is different because it is aimed at the privacy conscious “normal user” rather than government workers.

Tails takes the form of a bootable live image that can be used from a CD ROM, a USB stick or via a network boot. Once booted, it executes from RAM, taking care not to make use of a swap partition. The desktop is Gnome 2.0 and the applications are a fairly standard selection. The web browser is an old, but usable, version of Iceweasel 3.5 (Debian Firefox). There are other applications to handle graphics work, audio editing, media playback, text editing, instant messaging and a email client - basically, everything you need when you’re on the run from enemy agents. Extra software can be added via the Synaptic package manager which pulls directly from the Debian repositories. So far, so similar to most other live desktop distros. Security and limited footprint on the the host machine are the areas in which the distro differs from the run of the mill.

All interactions with the Internet are passed through Tor an anonymization system. Using Tor, Tails pipes all Internet traffic emanating from your computer through a constantly shifting set of relays that are operated by a network of volunteers. Consequently, it’s then difficult for anyone to monitor your activity on the web or for web hosts to pinpoint your location. In short, your web activities are anonymous. It’s hardly an exhaustive test, but sure enough, when I visited Google News, it presumed that was located in a different country after each reboot.

The desktop itself is pretty standard fare.

The supplied version of Iceweasel comes with an extension to enable end to end encryption (HTTPS) whenever possible in order to further increase security and another one to switch Tor on and off. Many of the applications that are supplied have been tweaked in this way, to improve security. Tails also wipes the contents of RAM on shutdown, and it has a little onscreen keyboard to bypass hardware key loggers. Note that it isn't loaded down with security tools, such as those for penetration testing, although such tools can be added via the package manager. The aim of the distribution is clearly to provide a secure client and tools rather than to provide a ready-made platform for hacking.

There’s nothing to stop you using Tor to give you a secure general purpose desktop whenever you are forced to use a machine that you are not 100% sure about, security wise. Handy, if you want to check financial or other sensitive information. Beyond that, it comes into its own for denizens of oppressive regimes in which governments actively monitor Internet use and persecute free expression.

I suggest making the thumbnail a link to the fullsize image, with a "click to view image at 1:1" title field (a 'tooltip' that pops up on a mouseover). That way you've got your layout intact, but reading all the text in the image is one (double)click away. IMO that should be standard policy.

@ Micheal, I always wonder why don't you guys ever post full images. If you need to demonstrate the GUI of an OS or a program, then the screenshot should be clear enough. (In this article, it's still reasonably clear, but sometimes, the image quality/size is very bad).

This is the biggest gripe I have with LJ. If you have bandwidth problems, then you should use 3rd party image hosts.

I agree with this. In this article it was okay as there was a decent sized image in the article, but a lot of articles only have a small thumbnail image at the start of the first paragraph. I often times click on this hoping to see a full size image so I can see certain details, and I am always disappointed when I find there is no such image. Linking the thumbnail to the full size screen capture would be perfect and very helpful.

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.